X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=mod%2Fdfrn_poll.php;h=d87d97a31ec86600aeab135d8d5abd42c02610ac;hb=9f2196aa1aa0dc112e3fc238832828d4e22fe137;hp=8abe42abbb804580b95edcace359855f42729cf8;hpb=f076d7f0dc3619604872c48f41f66e3fa4c4af79;p=friendica.git

diff --git a/mod/dfrn_poll.php b/mod/dfrn_poll.php
index 8abe42abbb..d87d97a31e 100644
--- a/mod/dfrn_poll.php
+++ b/mod/dfrn_poll.php
@@ -1,14 +1,14 @@
 <?php
 
-
+use Friendica\App;
+use Friendica\Core\System;
 
 require_once('include/items.php');
 require_once('include/auth.php');
+require_once('include/dfrn.php');
+require_once('include/ostatus.php');
 
-
-function dfrn_poll_init(&$a) {
-
-
+function dfrn_poll_init(App $a) {
 	$dfrn_id         = ((x($_GET,'dfrn_id'))         ? $_GET['dfrn_id']              : '');
 	$type            = ((x($_GET,'type'))            ? $_GET['type']                 : 'data');
 	$last_update     = ((x($_GET,'last_update'))     ? $_GET['last_update']          : '');
@@ -17,6 +17,15 @@ function dfrn_poll_init(&$a) {
 	$sec             = ((x($_GET,'sec'))             ? $_GET['sec']                  : '');
 	$dfrn_version    = ((x($_GET,'dfrn_version'))    ? (float) $_GET['dfrn_version'] : 2.0);
 	$perm            = ((x($_GET,'perm'))            ? $_GET['perm']                 : 'r');
+	$quiet			 = ((x($_GET,'quiet'))			 ? true							 : false);
+
+	// Possibly it is an OStatus compatible server that requests a user feed
+	if (($a->argc > 1) && ($dfrn_id == '') && !strstr($_SERVER["HTTP_USER_AGENT"], 'Friendica')) {
+		$nickname = $a->argv[1];
+		header("Content-type: application/atom+xml");
+		echo ostatus::feed($a, $nickname, $last_update, 10);
+		killme();
+	}
 
 	$direction = (-1);
 
@@ -26,9 +35,11 @@ function dfrn_poll_init(&$a) {
 		$dfrn_id   = substr($dfrn_id,2);
 	}
 
+	$hidewall = false;
+
 	if(($dfrn_id === '') && (! x($_POST,'dfrn_id'))) {
 		if((get_config('system','block_public')) && (! local_user()) && (! remote_user())) {
-			killme();
+			http_status_exit(403);
 		}
 
 		$user = '';
@@ -36,14 +47,17 @@ function dfrn_poll_init(&$a) {
 			$r = q("SELECT `hidewall`,`nickname` FROM `user` WHERE `user`.`nickname` = '%s' LIMIT 1",
 				dbesc($a->argv[1])
 			);
-			if((! count($r)) || (count($r) && $r[0]['hidewall']))
-				killme();
+			if (!$r)
+				http_status_exit(404);
+
+			$hidewall = ($r[0]['hidewall'] && !local_user());
+
 			$user = $r[0]['nickname'];
 		}
- 
+
 		logger('dfrn_poll: public feed request from ' . $_SERVER['REMOTE_ADDR'] . ' for ' . $user);
 		header("Content-type: application/atom+xml");
-		echo get_feed_for($a, '', $user,$last_update);
+		echo dfrn::feed('', $user,$last_update, 0, $hidewall);
 		killme();
 	}
 
@@ -64,18 +78,18 @@ function dfrn_poll_init(&$a) {
 				$my_id = '0:' . $dfrn_id;
 				break;
 			default:
-				goaway(z_root());
+				goaway(System::baseUrl());
 				break; // NOTREACHED
 		}
 
-		$r = q("SELECT `contact`.*, `user`.`username`, `user`.`nickname` 
+		$r = q("SELECT `contact`.*, `user`.`username`, `user`.`nickname`
 			FROM `contact` LEFT JOIN `user` ON `contact`.`uid` = `user`.`uid`
-			WHERE `contact`.`blocked` = 0 AND `contact`.`pending` = 0 
+			WHERE `contact`.`blocked` = 0 AND `contact`.`pending` = 0
 			AND `user`.`nickname` = '%s' $sql_extra LIMIT 1",
 			dbesc($a->argv[1])
 		);
-		
-		if(count($r)) {
+
+		if (dbm::is_result($r)) {
 
 			$s = fetch_url($r[0]['poll'] . '?dfrn_id=' . $my_id . '&type=profile-check');
 
@@ -96,20 +110,21 @@ function dfrn_poll_init(&$a) {
 					$_SESSION['visitor_home'] = $r[0]['url'];
 					$_SESSION['visitor_handle'] = $r[0]['addr'];
 					$_SESSION['visitor_visiting'] = $r[0]['uid'];
-					info( sprintf(t('%1$s welcomes %2$s'), $r[0]['username'] , $r[0]['name']) . EOL);
+					if(!$quiet)
+						info( sprintf(t('%1$s welcomes %2$s'), $r[0]['username'] , $r[0]['name']) . EOL);
 					// Visitors get 1 day session.
 					$session_id = session_id();
 					$expire = time() + 86400;
-					q("UPDATE `session` SET `expire` = '%s' WHERE `sid` = '%s' LIMIT 1",
+					q("UPDATE `session` SET `expire` = '%s' WHERE `sid` = '%s'",
 						dbesc($expire),
 						dbesc($session_id)
-					); 
+					);
 				}
 			}
 			$profile = $r[0]['nickname'];
-			goaway((strlen($destination_url)) ? $destination_url : $a->get_baseurl() . '/profile/' . $profile);
+			goaway((strlen($destination_url)) ? $destination_url : System::baseUrl() . '/profile/' . $profile);
 		}
-		goaway(z_root());
+		goaway(System::baseUrl());
 
 	}
 
@@ -121,7 +136,7 @@ function dfrn_poll_init(&$a) {
 			$r = q("SELECT * FROM `profile_check` WHERE `sec` = '%s' ORDER BY `expire` DESC LIMIT 1",
 				dbesc($sec)
 			);
-			if(! count($r)) {
+			if (! dbm::is_result($r)) {
 				xml_status(3, 'No ticket');
 				// NOTREACHED
 			}
@@ -132,7 +147,7 @@ function dfrn_poll_init(&$a) {
 			$c = q("SELECT * FROM `contact` WHERE `id` = %d LIMIT 1",
 				intval($r[0]['cid'])
 			);
-			if(! count($c)) {
+			if (! dbm::is_result($c)) {
 				xml_status(3, 'No profile');
 			}
 			$contact = $c[0];
@@ -158,7 +173,7 @@ function dfrn_poll_init(&$a) {
 
 			if($final_dfrn_id != $orig_id) {
 				logger('profile_check: ' . $final_dfrn_id . ' != ' . $orig_id, LOGGER_DEBUG);
-				// did not decode properly - cannot trust this site 
+				// did not decode properly - cannot trust this site
 				xml_status(3, 'Bad decryption');
 			}
 
@@ -185,7 +200,7 @@ function dfrn_poll_init(&$a) {
 			q("DELETE FROM `profile_check` WHERE `expire` < " . intval(time()));
 			$r = q("SELECT * FROM `profile_check` WHERE `dfrn_id` = '%s' ORDER BY `expire` DESC",
 				dbesc($dfrn_id));
-			if(count($r)) {
+			if (dbm::is_result($r)) {
 				xml_status(1);
 				return; // NOTREACHED
 			}
@@ -198,7 +213,7 @@ function dfrn_poll_init(&$a) {
 
 
 
-function dfrn_poll_post(&$a) {
+function dfrn_poll_post(App $a) {
 
 	$dfrn_id      = ((x($_POST,'dfrn_id'))      ? $_POST['dfrn_id']              : '');
 	$challenge    = ((x($_POST,'challenge'))    ? $_POST['challenge']            : '');
@@ -207,18 +222,18 @@ function dfrn_poll_post(&$a) {
 	$ptype        = ((x($_POST,'type'))         ? $_POST['type']                 : '');
 	$dfrn_version = ((x($_POST,'dfrn_version')) ? (float) $_POST['dfrn_version'] : 2.0);
 	$perm         = ((x($_POST,'perm'))         ? $_POST['perm']                 : 'r');
-          
+
 	if($ptype === 'profile-check') {
 
 		if((strlen($challenge)) && (strlen($sec))) {
 
 			logger('dfrn_poll: POST: profile-check');
- 
+
 			q("DELETE FROM `profile_check` WHERE `expire` < " . intval(time()));
 			$r = q("SELECT * FROM `profile_check` WHERE `sec` = '%s' ORDER BY `expire` DESC LIMIT 1",
 				dbesc($sec)
 			);
-			if(! count($r)) {
+			if (! dbm::is_result($r)) {
 				xml_status(3, 'No ticket');
 				// NOTREACHED
 			}
@@ -229,7 +244,7 @@ function dfrn_poll_post(&$a) {
 			$c = q("SELECT * FROM `contact` WHERE `id` = %d LIMIT 1",
 				intval($r[0]['cid'])
 			);
-			if(! count($c)) {
+			if (! dbm::is_result($c)) {
 				xml_status(3, 'No profile');
 			}
 			$contact = $c[0];
@@ -255,7 +270,7 @@ function dfrn_poll_post(&$a) {
 
 			if($final_dfrn_id != $orig_id) {
 				logger('profile_check: ' . $final_dfrn_id . ' != ' . $orig_id, LOGGER_DEBUG);
-				// did not decode properly - cannot trust this site 
+				// did not decode properly - cannot trust this site
 				xml_status(3, 'Bad decryption');
 			}
 
@@ -279,13 +294,14 @@ function dfrn_poll_post(&$a) {
 		dbesc($challenge)
 	);
 
-	if(! count($r))
+	if (! dbm::is_result($r)) {
 		killme();
+	}
 
 	$type = $r[0]['type'];
 	$last_update = $r[0]['last_update'];
 
-	$r = q("DELETE FROM `challenge` WHERE `dfrn-id` = '%s' AND `challenge` = '%s' LIMIT 1",
+	$r = q("DELETE FROM `challenge` WHERE `dfrn-id` = '%s' AND `challenge` = '%s'",
 		dbesc($dfrn_id),
 		dbesc($challenge)
 	);
@@ -306,7 +322,7 @@ function dfrn_poll_post(&$a) {
 			$my_id = '0:' . $dfrn_id;
 			break;
 		default:
-			goaway(z_root());
+			goaway(System::baseUrl());
 			break; // NOTREACHED
 	}
 
@@ -314,12 +330,13 @@ function dfrn_poll_post(&$a) {
 	$r = q("SELECT * FROM `contact` WHERE `blocked` = 0 AND `pending` = 0 $sql_extra LIMIT 1");
 
 
-	if(! count($r))
+	if (! dbm::is_result($r)) {
 		killme();
+	}
 
 	$contact = $r[0];
 	$owner_uid = $r[0]['uid'];
-	$contact_id = $r[0]['id']; 
+	$contact_id = $r[0]['id'];
 
 
 	if($type === 'reputation' && strlen($url)) {
@@ -330,7 +347,7 @@ function dfrn_poll_post(&$a) {
 		$reputation = 0;
 		$text = '';
 
-		if(count($r)) {
+		if (dbm::is_result($r)) {
 			$reputation = $r[0]['rating'];
 			$text = $r[0]['reason'];
 
@@ -352,7 +369,7 @@ function dfrn_poll_post(&$a) {
 	}
 	else {
 
-		// Update the writable flag if it changed		
+		// Update the writable flag if it changed
 		logger('dfrn_poll: post request feed: ' . print_r($_POST,true),LOGGER_DATA);
 		if($dfrn_version >= 2.21) {
 			if($perm === 'rw')
@@ -361,22 +378,22 @@ function dfrn_poll_post(&$a) {
 				$writable = 0;
 
 			if($writable !=  $contact['writable']) {
-				q("UPDATE `contact` SET `writable` = %d WHERE `id` = %d LIMIT 1",
+				q("UPDATE `contact` SET `writable` = %d WHERE `id` = %d",
 					intval($writable),
 					intval($contact_id)
 				);
 			}
 		}
-				
+
 		header("Content-type: application/atom+xml");
-		$o = get_feed_for($a,$dfrn_id, $a->argv[1], $last_update, $direction);
+		$o = dfrn::feed($dfrn_id, $a->argv[1], $last_update, $direction);
 		echo $o;
 		killme();
 
 	}
 }
 
-function dfrn_poll_content(&$a) {
+function dfrn_poll_content(App $a) {
 
 	$dfrn_id         = ((x($_GET,'dfrn_id'))         ? $_GET['dfrn_id']              : '');
 	$type            = ((x($_GET,'type'))            ? $_GET['type']                 : 'data');
@@ -385,6 +402,7 @@ function dfrn_poll_content(&$a) {
 	$sec             = ((x($_GET,'sec'))             ? $_GET['sec']                  : '');
 	$dfrn_version    = ((x($_GET,'dfrn_version'))    ? (float) $_GET['dfrn_version'] : 2.0);
 	$perm            = ((x($_GET,'perm'))            ? $_GET['perm']                 : 'r');
+	$quiet		 = ((x($_GET,'quiet'))           ? true	                         : false);
 
 	$direction = (-1);
 	if(strpos($dfrn_id,':') == 1) {
@@ -429,20 +447,20 @@ function dfrn_poll_content(&$a) {
 				$my_id = '0:' . $dfrn_id;
 				break;
 			default:
-				goaway(z_root());
+				goaway(System::baseUrl());
 				break; // NOTREACHED
 		}
 
 		$nickname = $a->argv[1];
 
-		$r = q("SELECT `contact`.*, `user`.`username`, `user`.`nickname` 
+		$r = q("SELECT `contact`.*, `user`.`username`, `user`.`nickname`
 			FROM `contact` LEFT JOIN `user` ON `contact`.`uid` = `user`.`uid`
-			WHERE `contact`.`blocked` = 0 AND `contact`.`pending` = 0 
+			WHERE `contact`.`blocked` = 0 AND `contact`.`pending` = 0
 			AND `user`.`nickname` = '%s' $sql_extra LIMIT 1",
 			dbesc($nickname)
 		);
 
-		if(count($r)) {
+		if (dbm::is_result($r)) {
 
 			$challenge = '';
 			$encrypted_id = '';
@@ -471,8 +489,8 @@ function dfrn_poll_content(&$a) {
 			// URL reply
 
 			if($dfrn_version < 2.2) {
-				$s = fetch_url($r[0]['poll'] 
-					. '?dfrn_id=' . $encrypted_id 
+				$s = fetch_url($r[0]['poll']
+					. '?dfrn_id=' . $encrypted_id
 					. '&type=profile-check'
 					. '&dfrn_version=' . DFRN_PROTOCOL_VERSION
 					. '&challenge=' . $challenge
@@ -488,22 +506,23 @@ function dfrn_poll_content(&$a) {
 					'sec' => $sec
 				));
 			}
-			
-			$profile = ((count($r) && $r[0]['nickname']) ? $r[0]['nickname'] : $nickname);
+
+			$profile = ((dbm::is_result($r) && $r[0]['nickname']) ? $r[0]['nickname'] : $nickname);
 
 			switch($destination_url) {
 				case 'profile':
-					$dest = $a->get_baseurl() . '/profile/' . $profile . '?tab=profile';
+					$dest = System::baseUrl() . '/profile/' . $profile . '?f=&tab=profile';
 					break;
 				case 'photos':
-					$dest = $a->get_baseurl() . '/photos/' . $profile;
+					$dest = System::baseUrl() . '/photos/' . $profile;
 					break;
 				case 'status':
 				case '':
-					$dest = $a->get_baseurl() . '/profile/' . $profile;
-					break;		
+					$dest = System::baseUrl() . '/profile/' . $profile;
+					break;
 				default:
-					$dest = $destination_url;
+					$appendix = (strstr($destination_url, '?') ? '&f=&redir=1' : '?f=&redir=1');
+					$dest = $destination_url . $appendix;
 					break;
 			}
 
@@ -517,8 +536,8 @@ function dfrn_poll_content(&$a) {
 
 				logger('dfrn_poll: secure profile: challenge: ' . $xml->challenge . ' expecting ' . $hash);
 				logger('dfrn_poll: secure profile: sec: ' . $xml->sec . ' expecting ' . $sec);
- 
-				
+
+
 				if(((int) $xml->status == 0) && ($xml->challenge == $hash)  && ($xml->sec == $sec)) {
 					$_SESSION['authenticated'] = 1;
 					if(! x($_SESSION,'remote'))
@@ -527,16 +546,17 @@ function dfrn_poll_content(&$a) {
 					$_SESSION['visitor_id'] = $r[0]['id'];
 					$_SESSION['visitor_home'] = $r[0]['url'];
 					$_SESSION['visitor_visiting'] = $r[0]['uid'];
-					info( sprintf(t('%1$s welcomes %2$s'), $r[0]['username'] , $r[0]['name']) . EOL);
+					if(!$quiet)
+						info( sprintf(t('%1$s welcomes %2$s'), $r[0]['username'] , $r[0]['name']) . EOL);
 					// Visitors get 1 day session.
 					$session_id = session_id();
 					$expire = time() + 86400;
-					q("UPDATE `session` SET `expire` = '%s' WHERE `sid` = '%s' LIMIT 1",
+					q("UPDATE `session` SET `expire` = '%s' WHERE `sid` = '%s'",
 						dbesc($expire),
 						dbesc($session_id)
-					); 
+					);
 				}
-			
+
 				goaway($dest);
 			}
 			goaway($dest);
@@ -558,5 +578,3 @@ function dfrn_poll_content(&$a) {
 		}
 	}
 }
-
-